Programmatically Change Azure Log Analytics Pricing Model

Microsoft recently introduced a new model for purchasing Azure Log Analytics. To use this new model you will basically have to enable it on per subscription bases. In short you can either continue to use the old models or flip a switch on your subscription to use the new model. You cannot use both models for different workspaces in your subscription and you cannot move between the old models and the new ones without flipping that switch. Of course flipping that switch is easy as going into the Azure Portal -> Azure Monitor -> Usage and estimated costs blade but what about if you want to do this programmatically? Apparently there is a way to do it that way and in this blog post I will show you how.

Continue reading “Programmatically Change Azure Log Analytics Pricing Model” →

Top 10 Charts in Azure Log Analytics and Application Insights

I’ve recently stumbled on forum question asking for chart that list only the top 10 resources or computers. Such chart is of course used a lot in performance metrics where for example you want to get the top 10 computers with CPU usage and list them in time chart.

Continue reading “Top 10 Charts in Azure Log Analytics and Application Insights” →

Using Custom Log Search Alerts Based on Metric Measurement for Event Based Logs

In Azure Monitor we can create two type of alerts for Log Analytics:

Near real-time metric alerts are scoped to specific performance counter and heartbeat events but with Custom Log Search Alerts you can alert on any log in Log Analytics. With Custom Log Search Alerts the alert logic have two types:

Number of results
Metric Measurement

In a typical scenario you will use Number of results for logs and events and metric measurement for performance/metric logs. That wouldn’t be a problem if the way the alerts are fired distinguish quite a lot between those. For example in metric measurement you aggregate/summarize results and you alert based on the value from the aggregation/summarization. On top of that different alert instance is fired on each summarized record. In number of results you do not summarize/aggregate and alerts are fired based on the count of the records. For example on 10 records you will get only one alert instead of 10. If you are like me this is a problem as you want to get separate alert instance for your events just like metric measurement alerts.
In this blog post I will show you how to overcome this problem with workaround from the powerful Log Analytics query language.

Continue reading “Using Custom Log Search Alerts Based on Metric Measurement for Event Based Logs” →

[Cross-Post] How To Detect And Protect Yourself From WannaCry

Make sure to check out this blog post that I’ve wrote on my company’s web site.

How To Detect And Protect Yourself From WannaCry

Version 3.0.1 of THE MVP Script to Download All SCOM Management Packs with PowerShell

So after the release of 3.0 at the beginning of week there were some comments of desired features and bugs reported. I’ve sent those to Damian and as he is working on fast release cadence a new version is now ready to address those comment. Additionally we are including another friend and fellow MVP Cameron Fuller to the authors. We are now on version 3.0.1 with the following changes: Continue reading “Version 3.0.1 of THE MVP Script to Download All SCOM Management Packs with PowerShell” →

TechEd Europe 2013

New MP: System Center Management Pack for Windows Server DNS

No I am not wrong this is actually a new MP not just an updated version of the old one. You can install it side by side with the old one until you feel comfortable of using only the new one and this is stated in a Note on the download page:

This Management Pack is intended to completely replace the functionality of the previous DNS Management Pack, and as such it is not backwards compatible with them. The old and new management packs can live side-by-side, so you can uninstall the old MP’s if/when you are comfortable with the new Management Pack.

If you open the guide you can find even more information. This MP is structured in a different way which might be the new way of how management packs will be released:

I like this new structure because it gives you the possibility to enable more advanced monitoring by adding another MP that contains all overrides.

Also the announcement for this MP comes in blog post which is great. So far we noticed some new MP downloads on the Microsoft site and after a few days you may or may not see short announcement about new version of MP. But this time is different and in the announcement it is stated that the new MP was tested by the XBOX Live team which will be equivalent of beta testing. May be it is a good idea to beta MPs to be published on Microsoft Connect in order not only TAP customers and internal Microsoft teams to be able to provide feedback.

You can find the announcement about DNS MP here.

Download is located here.

As usual remember to read the guide first before deploying.

More information on the MP here.

Another reminder that all 2007 R2 and 2012 OpsMgr MPs are located here and I have a nice script to download them all in bulk here.

Spread the word:

Spread the word:

Spread the word:

Spread the word:

Spread the word:

Spread the word:

Spread the word: